Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/c1f90a-2bad-41b4-b1a6-46b3028a03b0/1/tRIaUT_FXQ7ymk8OGg5BVzvp_Us.roa
File: tRIaUT_FXQ7ymk8OGg5BVzvp_Us.roa (raw, json)
Hash identifier: /v1SW1IDp0pD/8h+5Bv7bjj1VuScDMRpBhj4Y0ucD7c=
Subject key identifier: B5:12:1A:51:3F:C5:5D:0E:F2:9A:4F:0E:1A:0E:41:57:3B:E9:FD:4B
Certificate issuer: /CN=bbd351b274fc23a42728303638a0d62b606401b4
Certificate serial: 37D7CC7D
Authority key identifier: BB:D3:51:B2:74:FC:23:A4:27:28:30:36:38:A0:D6:2B:60:64:01:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u9NRsnT8I6QnKDA2OKDWK2BkAbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/c1f90a-2bad-41b4-b1a6-46b3028a03b0/1/tRIaUT_FXQ7ymk8OGg5BVzvp_Us.roa
Signing time: Sat 01 Jan 2022 00:57:39 +0000
ROA not before: Sat 01 Jan 2022 00:57:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29317
IP address blocks: 91.194.118.0/23 maxlen: 23
91.194.124.0/23 maxlen: 23
2001:1578::/32 maxlen: 40
2001:1578:100::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 936889469 (0x37d7cc7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbd351b274fc23a42728303638a0d62b606401b4
Validity
Not Before: Jan 1 00:57:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b5121a513fc55d0ef29a4f0e1a0e41573be9fd4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b3:34:e8:a2:aa:2e:fb:6a:ce:01:04:88:f6:
fd:8f:75:fd:4e:1b:ba:72:a3:5b:74:18:93:d8:29:
43:75:25:08:f4:97:f5:d1:63:7c:80:6f:69:a4:84:
a4:e0:73:d7:0f:88:bf:f8:c8:e7:88:3f:0d:66:b0:
35:c2:1d:ae:ec:8a:dd:67:4f:d2:31:31:b8:fc:8d:
73:2b:d7:05:81:16:65:f5:20:cf:5f:7b:39:d6:d3:
01:44:f5:70:8f:a4:4a:82:4b:d7:a0:3a:75:d4:7f:
43:e8:31:df:af:ad:b1:3d:f5:61:12:b3:73:53:f7:
a6:b2:a5:1e:7c:e1:14:02:40:f4:49:9d:62:50:c3:
86:34:4b:aa:ae:d3:f7:5d:91:19:5d:72:be:92:93:
5d:22:35:a5:9e:3f:80:21:66:6c:bf:dd:23:9e:66:
be:72:b2:7c:91:2b:a6:19:06:06:86:7a:b5:b2:5f:
a8:db:3a:77:aa:4f:35:79:66:aa:19:28:35:f9:1d:
14:fb:4a:5c:4f:6a:69:60:20:49:55:9f:d9:f3:4f:
65:36:98:9e:3f:c1:bd:2c:b4:9f:0d:4c:af:93:96:
fe:d5:2e:f7:57:53:72:53:8b:6f:ba:db:6e:62:ab:
2f:6b:89:dc:d1:72:05:6d:8a:f3:ea:4f:67:ec:26:
51:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:12:1A:51:3F:C5:5D:0E:F2:9A:4F:0E:1A:0E:41:57:3B:E9:FD:4B
X509v3 Authority Key Identifier:
keyid:BB:D3:51:B2:74:FC:23:A4:27:28:30:36:38:A0:D6:2B:60:64:01:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u9NRsnT8I6QnKDA2OKDWK2BkAbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/c1f90a-2bad-41b4-b1a6-46b3028a03b0/1/tRIaUT_FXQ7ymk8OGg5BVzvp_Us.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/c1f90a-2bad-41b4-b1a6-46b3028a03b0/1/u9NRsnT8I6QnKDA2OKDWK2BkAbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.118.0/23
91.194.124.0/23
IPv6:
2001:1578::/32
Signature Algorithm: sha256WithRSAEncryption
99:09:c3:0e:23:5d:49:e7:fe:0c:6b:e0:5c:c6:a0:fc:e4:db:
13:5d:96:8c:d9:c0:da:b7:b6:cb:0c:37:12:d6:f5:76:f9:e9:
4e:56:e2:e4:75:3e:67:35:a7:5d:cd:16:f4:77:97:f2:da:aa:
4c:41:b3:bb:51:0a:6c:99:70:c4:e7:d9:5e:fc:45:95:60:98:
f4:f4:5a:88:ea:3f:0b:ff:75:6e:01:7f:c0:ee:b5:df:22:8a:
6a:1f:f1:7b:37:53:fd:ce:ce:a1:56:79:6f:73:79:4c:8e:30:
8f:66:8a:99:b3:88:5d:fa:55:90:3a:b1:2d:45:42:27:07:ab:
24:02:ff:46:1e:f6:3f:9c:31:e3:a2:e0:06:b5:1b:fb:5b:a2:
f9:6c:96:ba:18:59:db:0f:7f:1d:08:b4:3e:0a:fe:4c:76:ed:
b2:12:d7:f5:07:50:d3:76:7b:ae:29:42:55:a1:39:e9:18:e3:
08:c1:e5:5b:f0:77:2b:27:37:1a:24:22:72:e3:03:55:33:77:
08:8e:5c:ec:42:72:c5:89:b2:22:fc:00:4b:bb:50:a9:cf:57:
39:eb:bb:14:06:f1:6c:2b:ef:f3:50:eb:bf:43:65:cf:8b:1e:
dd:36:a6:e7:a7:59:9a:59:d7:44:d1:3b:bc:c6:63:b8:0c:14:
a6:ae:4a:9f
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEN9fMfTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YmQzNTFiMjc0ZmMyM2E0MjcyODMwMzYzOGEwZDYyYjYwNjQwMWI0MB4XDTIyMDEw
MTAwNTczOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjUxMjFhNTEzZmM1
NWQwZWYyOWE0ZjBlMWEwZTQxNTczYmU5ZmQ0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMuzNOiiqi77as4BBIj2/Y91/U4bunKjW3QYk9gpQ3UlCPSX
9dFjfIBvaaSEpOBz1w+Iv/jI54g/DWawNcIdruyK3WdP0jExuPyNcyvXBYEWZfUg
z197OdbTAUT1cI+kSoJL16A6ddR/Q+gx36+tsT31YRKzc1P3prKlHnzhFAJA9Emd
YlDDhjRLqq7T912RGV1yvpKTXSI1pZ4/gCFmbL/dI55mvnKyfJErphkGBoZ6tbJf
qNs6d6pPNXlmqhkoNfkdFPtKXE9qaWAgSVWf2fNPZTaYnj/BvSy0nw1Mr5OW/tUu
91dTclOLb7rbbmKrL2uJ3NFyBW2K8+pPZ+wmUZkCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBS1EhpRP8VdDvKaTw4aDkFXO+n9SzAfBgNVHSMEGDAWgBS701GydPwjpCco
MDY4oNYrYGQBtDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3U5TlJzblQ4STZRbktEQTJPS0RXSzJCa0FiUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWQvYzFmOTBhLTJiYWQtNDFiNC1iMWE2LTQ2YjMwMjhhMDNiMC8x
L3RSSWFVVF9GWFE3eW1rOE9HZzVCVnp2cF9Vcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWQv
YzFmOTBhLTJiYWQtNDFiNC1iMWE2LTQ2YjMwMjhhMDNiMC8xL3U5TlJzblQ4STZR
bktEQTJPS0RXSzJCa0FiUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAVvCdgMEAVvCfDANBAIAAjAHAwUA
IAEVeDANBgkqhkiG9w0BAQsFAAOCAQEAmQnDDiNdSef+DGvgXMag/OTbE12WjNnA
2re2yww3Etb1dvnpTlbi5HU+ZzWnXc0W9HeX8tqqTEGzu1EKbJlwxOfZXvxFlWCY
9PRaiOo/C/91bgF/wO613yKKah/xezdT/c7OoVZ5b3N5TI4wj2aKmbOIXfpVkDqx
LUVCJwerJAL/Rh72P5wx46LgBrUb+1ui+WyWuhhZ2w9/HQi0Pgr+THbtshLX9QdQ
03Z7rilCVaE56RjjCMHlW/B3Kyc3GiQicuMDVTN3CI5c7EJyxYmyIvwAS7tQqc9X
Oeu7FAbxbCvv81Drv0Nlz4se3Tam56dZmlnXRNE7vMZjuAwUpq5Knw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:12 2025 by rpki-client